Cross-Site Request Forgery (CSRF) in erudika/scoold


Reported on Dec 22nd 2021


Hi there, I would like to report a CSRF vulnerability in erudika/scoold. This allows an attacker to change the current user's question space or add them to the default space against their will.

Proof of Concept

  1. Access scoold demo at and log in
  2. Access this link
  3. See that a new cookie, scoold-pro-space, is returned with a value that is the base64 encoding of "scooldspace:google-analytics:Google Analytics", indicating that you have been added to the above space
  4. Access this link and see that you are added back to the default space


This vulnerability is capable of CSRF
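The report describes a state-changing request (switching the user's space) that is triggered by simply following a link, so the browser attaches the victim's session cookie and the server applies the change with nothing tying the request to the user's intent. The following is an added example, not Scoold's own code (Scoold is a Java project; this is a small Python model of the endpoint). The endpoint shape, the parameter names `space` and `csrf_token`, the values `SITE_ORIGIN` and `DEFAULT_SPACE`, and the request/response types are all assumptions made for illustration; only the cookie name `scoold-pro-space` and the base64-encoded space string come from the report. It shows the forgeable GET handler beside a hardened handler that refuses non-POST requests, checks the request origin, and verifies a per-session synchronizer token.

```python
# Added example (not Scoold's code): a "switch space" endpoint modelled on the
# report, first in a CSRF-able form and then in a CSRF-resistant form.
import base64
import hmac
import secrets
from dataclasses import dataclass, field

SPACE_COOKIE = "scoold-pro-space"        # cookie name taken from the report
DEFAULT_SPACE = "scooldspace:default"    # assumed value for the default space
SITE_ORIGIN = "https://scoold.example"   # assumed origin of the Scoold instance


@dataclass
class Request:
    method: str
    params: dict
    headers: dict = field(default_factory=dict)
    session: dict = field(default_factory=dict)   # server-side session store


@dataclass
class Response:
    status: int
    cookies: dict = field(default_factory=dict)


def encode_space(space: str) -> str:
    return base64.b64encode(space.encode()).decode()


def decode_space_cookie(value: str) -> str:
    """Decode the cookie value the reporter observed in step 3."""
    return base64.b64decode(value).decode()


def change_space_vulnerable(req: Request) -> Response:
    """State change on a plain GET, with no origin or token check.
    Any page the victim visits can fire it via a link or <img src=...>."""
    space = req.params.get("space", DEFAULT_SPACE)
    return Response(200, {SPACE_COOKIE: encode_space(space)})


def issue_csrf_token(session: dict) -> str:
    """Synchronizer token: random, per session, rendered into the real form."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def change_space_hardened(req: Request) -> Response:
    if req.method != "POST":                      # never change state on GET
        return Response(405)
    origin = req.headers.get("Origin")
    if origin is None:                            # fall back to Referer's origin
        ref = req.headers.get("Referer", "")
        origin = "/".join(ref.split("/")[:3]) if ref.count("/") >= 2 else None
    if origin != SITE_ORIGIN:                     # cross-site request
        return Response(403)
    sent = req.params.get("csrf_token", "")
    expected = req.session.get("csrf_token", "")
    if not expected or not hmac.compare_digest(sent, expected):
        return Response(403)                      # missing or wrong token
    space = req.params.get("space", DEFAULT_SPACE)
    return Response(200, {SPACE_COOKIE: encode_space(space)})


def forged_request(space: str) -> Request:
    """What the browser sends when the victim follows the attacker's link:
    the session cookie rides along, but the attacker controls nothing else."""
    return Request("GET", {"space": space},
                   {"Referer": "https://attacker.example/lure"})


def legitimate_request(session: dict, space: str) -> Request:
    """A same-origin POST from the real form, carrying the session's token."""
    token = issue_csrf_token(session)
    return Request("POST", {"space": space, "csrf_token": token},
                   {"Origin": SITE_ORIGIN}, session)


if __name__ == "__main__":
    target = "scooldspace:google-analytics:Google Analytics"  # from the report
    print(change_space_vulnerable(forged_request(target)))    # 200, cookie set
    print(change_space_hardened(forged_request(target)))      # 405
    print(change_space_hardened(legitimate_request({}, target)))  # 200
```

The origin check alone is not sufficient in general (older clients may omit both `Origin` and `Referer`, and the fallback here treats a missing origin as cross-site), which is why the token check is kept as well; the two are cheap together and fail independently.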

We are processing your report and will contact the erudika/scoold team within 24 hours. 2 years ago
We have contacted a member of the erudika/scoold team and are waiting to hear back 2 years ago
We have sent a follow up to the erudika/scoold team. We will try again in 4 days. 2 years ago
Alex Bogdanovski validated this vulnerability 2 years ago
justinp09010 has been awarded the disclosure bounty
The fix bounty is now up for grabs
Alex Bogdanovski marked this as fixed with commit ee59dd 2 years ago
Alex Bogdanovski has been awarded the fix bounty